Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Secure Access Control System 身份验证绕过漏洞
Vulnerability Description
Cisco Secure Access Control Server(ACS)是美国思科(Cisco)公司的一款安全访问控制服务器。该服务器为思科智能信息网络提供基于身份的全面的访问控制解决方案。 Cisco Secure Access Control System (ACS) 5.2 Patch 11之前5.x版本和5.3 Patch 7之前的5.3版本中存在漏洞。当使用包含TACACS+和LDAP的某些配置时,没有正确验证密码。远程攻击者利用该漏洞通过发送有效的用户名和特制的密码字符串,绕过身份验证。
CVSS Information
N/A
Vulnerability Type
N/A